With the increasing reliance on mobile devices in the workplace, organizations must choose the right strategy to manage and secure corporate data. Microsoft offers two primary options: Mobile Application Management (MAM) and Mobile Device Management (MDM). Understanding the differences between these approaches is essential for balancing security, user experience, and administrative effort. This article provides…
Category: Intune
Comparing Web Filtering and Security: Microsoft Entra Internet Access (Global Secure Access) vs. Microsoft Defender for Endpoint (MDE)
Organizations face increasing challenges in securing internet traffic and enforcing web access policies in today’s hybrid work environment. Two key tools from Microsoft, Microsoft Entra Internet Access (Global Secure Access) and Microsoft Defender for Endpoint (MDE), offer robust capabilities for managing security and productivity on the endpoint. This article provides an in-depth comparison between the…
Governing OS Versions in Microsoft Intune: Best Practices and Configuration
In a modern managed workplace environment, ensuring that devices meet minimum operating system (OS) requirements is a critical aspect of security and compliance. By governing the OS versions allowed within your Microsoft Intune environment, you can prevent unsupported or outdated systems from accessing corporate resources. Additionally, having well-configured Windows Update for Business (WUfB) settings can…
Renewing Apple Enrollment Program, VPP Token, and MDM Push Certificate in Microsoft Intune and SCIM token in Entra.
Introduction Managing Apple devices in Microsoft Intune requires maintaining active integrations with Apple services. To ensure continued functionality, administrators must periodically renew four key components, including the SCIM token for third-party applications integrated via Microsoft Entra ID: Failure to renew these components before they expire can disrupt device management and app deployment. This guide provides…
Speaking at the Workplace Ninja Summit 2024
Next week it’s time again for the annual Workplace Ninja Summit in Lucerne, Switzerland. The summit will start on Monday September 16th till Thursday September 19th. The Workplace Ninja summit is organized by the different Workplace Ninja user groups and consists of many Microsoft community heroes like Mirko Colemberg, Thomas Kurth, Daniel Schädler, Kenny Buntinx,…
Speaking at the February 2024 Azure APE Meetup
Today (Tuesday February 27th) I have the pleasure to speak at the February 2024 Azure APE Meetup organized by the Azure Platform Engineering (APE) community. The event, which is hosted by ShareValue, is held in Gouda, the Netherlands and starts at 18:00. At this event, I will be speaking about Microsoft Entra Id Conditional Access,…
Speaking at the MCT Summit Europe 2024
This year, the annual Microsoft Certified Trainer (MCT) summit will be held in the Netherlands. The event which takes place between 14-17 January will take place at location “De Loods” in Rijswijk which is near The Hague. The event has a limited capacity of 200 attendees, which guarantees an intimate and engaging experience. At the…
Configuring even better Windows Update for Business settings for your Microsoft Intune managed Modern Workplace
In March 2021, I published the blogpost “Configuring Windows Update for Business settings for your Microsoft Endpoint Manager managed Modern Workplace“, in that blogpost I described the Windows Update for Business (WUfB) configuration I used, based on the best practices defined by Microsoft defined in their paper titled: “Optimizing Windows 10 Update Adoption“, which is…
Microsoft Intune Application Deployment Best Practices
In December 2012, I blogged about best practices for deploying applications using System Center Configuration Manager, and while many of those recommendations are still valid I thought it was worthwhile to update my recommendations for today’s world, deploying applications using Microsoft Intune. My Modern Workplace Application Vision Source: A framework for Windows endpoint management transformation…
Speaking at the Workplace Ninja Summit, September 27-29 2023
Starting on Wednesday September 27, till Friday September 29 the Workplace Ninja Summit which is an in-person event will take place in Baden, Switserland. This event is organized by the diverse Workplace Ninja User Groups throughout the world which provide delegates helping to organize this 3 day event. The event will have more than 100,…
December 2022 update of the conditional access demystified whitepaper and workflow cheat sheet.
I’m proud to announce the December 2022 update of my Conditional Access demystified whitepaper. With this release, we have reached the fifth iteration of the whitepaper and accompanying files. I released the first version in in August 2019 after writing several blogposts on the subject. In May last year I released the second version containing…
Speaking about Mobile Application Management at the AppManagEvent 2022 on October 7 in Utrecht
On October 7, 2022 the AppManagEvent will be organized in the Media Plaza, Jaarbeurs Utrecht. The AppManagEvent is an initiative from PDS b.v. in the Netherlands. For 2022, the themes are Deployment, Security, Application Virtualization, MSIX, Win10/11/365 management, Identity Management, IT Infra and much more. At this event, I will be speaking together with my…
Speaking about Mobile Application Management at the Techorama Belgium 2022 event
On Wednesday, May 25, 2022, I will be speaking together with Peter Daalmans at the Techorama Belgium event. Techorama 2022 will be an in-person conference taking place in Antwerp 24-25 (pre-con on May 23) in Kinepolis Antwerp. Techorama will offer its usual combination of great speakers, an unforgettable conference experience and 3 days of deep-dive…
Apple Business Manager device import options for later use within Microsoft Endpoint Manager
This blogpost is a continuation of two earlier blogposts about integrating Apple Business Manager with Azure Active Directory and Apple Business Manager. The first blogpost written was about Setting up Apple Business Manager for use with Azure Active Directory and covered the steps to request access to Apple Business Manager, and how to setup and…
Setting up Apple Business Manager for use with Azure Active Directory
Apple Business Manager is a service provided by Apple which helps to deploy Apple devices and apps in your organization. By leveraging Apple Business Manager (ABM) you can automatically enroll devices in Microsoft Endpoint Manager by using Automated Device Enrollment (ADE). You could say it provides similar functionality as to what Windows Autopilot provides for…